package com.finance.action.android.autograph;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.finance.service.customer.TokenService;

@Controller("AutographAction")
public class AutographAction {
	
	@Resource(name = "TokenService")
	private TokenService tokenService;
	
	//测试环境
//	public String domainUrl= "https://t.limuzhengxin.cn";
//	public String api_key = "8352023301185235";
//	public String api_secret = "cncjl0Uu2DTjPTJgjYEEkWZ10lALb1c";
	
	//生产环境
	public static final String domainUrl="https://m.limuzhengxin.com";
	public static final String api_key = "8352023301185235";
	public static final String api_secret = "A057TgOCs8eM6asJWm0ZckwDCTOFwzEe";
	
	@RequestMapping(value="/sign",produces = "application/x-javascript")
	@ResponseBody
	public String sign(HttpServletRequest request,HttpServletResponse response){
	//校验用户登录
	request.getSession().getServletContext().getRealPath("/");
	String message=request.getParameter("message");
	String callback=request.getParameter("callback");
	//签名
	//String sign = MDUtil.SHA1(message+apiSecret);
	String signtoken = String.valueOf(DigestUtils.sha1Hex(message+api_secret));
	//返回字条串
	System.out.println("call:"+callback+"签名:"+signtoken);
	return callback+"('" +signtoken + "')";
	}
	
}
